Case Studies

Andy’s Auto Sports

Mar 12th 2014

Click to view pdf

If you have ever thought about adding power, flash or strength to your vehicle, chances are you have come across Andy’s Auto Sport. Offering car body kits for a dizzying array of car and truck models, Andy’s Auto Sport is widely regarded as the premiere provider of car body kits in the world. As a top rate auto parts retailer with an outstanding selection of parts, and an industry expert, they’ve been featured on TV’s Pimp My Ride, as well as several industry magazines including Superstreet and Import Tuner. Suffice it to say, they are a big deal in the bad-ass car game.

As big a deal as they are, Andy’s Auto Sport runs an efficient show, with their entire retail sales team operating online via their website. With 45 employees serving over 5,000 customers monthly from more than 20 countries around the world, the company’s website plays a crucial role in their success. Over a million unique visitors to their site every month illustrates why it is so important, and why any downtime translates into a huge financial loss.

So when their website went down, the situation got serious fast.

When things went wrong

It was an average business day in 2011, when all of a sudden, staff began leaping out of their chairs. “What’s wrong with the site?” was heard rippling through the office space, as sales and support team members realized almost instantly that the website was not functioning normally. The entire staff depends on the Andy’s Auto Sport site to do their jobs, so when its performance began to lag, it was a matter of seconds before staff were alerting the IT team. “Pages that would normally take about 3 seconds to load, were taking 60 seconds or more, or not even loading at all,” said Eric Ferguson, general manager.

IT was on it, and when they took a closer look at their web traffic logs, what they saw was not good: so many requests were being made to the servers that every connection was being utilized, overwhelming server resources and effectively shutting the whole operation down.

“It was the technological equivalent of a run on the banks,” says DOSarrest security operations manager Sean Power. “To follow the analogy, what the system administrator would have been seeing were extremely long queues and slow response times, culminating with customers getting turned away.”

The team spent about a day and a half rebooting equipment and trying to resolve the problem on their own before they looked for help.

“We suspected that we were dealing with a DDoS attack,” said Ferguson. And for that they needed experts.

“This affected our business in a big way,” said Eric Ferguson, General Manager at Andy’s Auto Sport. “We have a 45-person business that relies entirely on our website for sales, so when our website went down it effectively shut our company down. We were down for a day and a half, which had a massive impact on our revenue stream.”

Calling in the experts

Andy’s Auto Sport did not previously have a company providing them with DDoS protection, despite the fact that they had been attacked once before.

“It was a couple of years before this attack, and we didn’t even really know what it was. But we were lucky, and within a day or so we just woke up and it was over, … It was pure luck that it ended on its own.”

But this time around, they knew they weren’t interested in waiting the attackers out. At about 6pm on the second day of the attack, they searched online for DDoS mitigation providers, and came across DOSarrest. They spoke to a DOSarrest security expert immediately and were quickly reassured that DOSarrest could resolve their problem and get them back up and running, and they quickly signed up.

“We were quoted a price by DOSarrest, … After thinking about it we agreed to it and were immediately set up with a customer login and account.”

Resolving the issue

The DOSarrest representative walked the Andy’s Auto Sport team through what happened next:

  1. Andy’s Auto Sport obtained a clean IP from their ISP;
  2. they installed it on their server and told DOSarrest what the IP was;
  3. they initiated a DNS change to point the clean IP to a DOSarrest IP so that all the traffic would be redirected to DOSarrest traffic scrubbing nodes;
  4. DOSarrest cleaned the traffic and sent only legitimate requests back to the server, clearing the pile-up of requests on the server and resolving the issue.

“We got them set up with DOSarrest Proxy Defense (link to: http://www.dosarrest.com/en/dosarrest-proxy-defense.html). Usually this can be set up in about 15 minutes flat, but unfortunately in this case we had to wait for the DNS change to go through,” said Power.

DOSarrest’s Proxy Defense is ideal for emergency situations, because it can often be set up in no more than 15 minutes, and then stays on as full-time DDoS protection.

Once the DNS change was made, the Andy’s Auto Sport website was back online and functioning almost instantly.

“Once we began using DOSarrest, the problem was solved immediately! … We changed our DNS to point to the DOSarrest servers, and once the DNS change went through the site was back to normal immediately.”

DNS PROPAGATION TIMES

DOSarrest, like other cloud-based DDoS mitigation providers, requires the customer to change their DNS. This allows the DDoS protection service to do its job, while enabling the customer to retain control over their own traffic.

DNS propagation times should be minimal if configured properly. We recommend a 300 second cache time, but there are a few legacy name servers still out on the Internet that have a default time anywhere from 8 to 24 hours. This is a setting that your DNS provider can set for you.

The shorter the timeout, the faster your changes will propagate throughout the Internet.

The DOSarrest advantage

Eric is quick to point out that with DOSarrest, they get more than DDoS protection, they have actually seen an improvement in the performance of their website. “There is no question about it, the site performance is BETTER than before. The reason is that DOSarrest’s servers provide a caching service, and so pages that loaded in 3 seconds before the attack, are now loading in 1-2 seconds. It’s an excellent perk that we get in addition to being protected against DDoS attacks.”
Eric’s team also can’t say enough about the level of service that they receive at DOSarrest.

“We have emailed the support team probably 20 times in our almost two years of using the service, and literally every single time we get a response in less than 10 minutes. I’ve never seen service of this calibre in any industry.”

rating10

“I rate DOSarrest a 10, we are extremely satisfied. I would absolutely recommend DOSarrest services to other companies.”

- Eric Ferguson, General Manager


 Case Studies

DDoS Article Categories